virtio: order used ring after used index read

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

On SMP guests, reads from the ring might bypass used index reads. This
causes guest crashes because host writes to used index to signal ring
data readiness. Fix this by inserting rmb before used ring reads.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: stable@kernel.org

authored by

Michael S. Tsirkin and committed by

Rusty Russell 16 years ago 2d61ba95 0b22bd0b

1 changed file

expand all

drivers

virtio

virtio_ring.c

drivers/virtio/virtio_ring.c

··· 285 285 return NULL; 286 286 } 287 287 288 + /* Only get used array entries after they have been exposed by host. */ 289 + rmb(); 290 + 288 291 i = vq->vring.used->ring[vq->last_used_idx%vq->vring.num].id; 289 292 *len = vq->vring.used->ring[vq->last_used_idx%vq->vring.num].len; 290 293